timedopovo.tk Open in urlscan Pro
31.22.4.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://timedopovo.tk/
Submission Tags: krdtest
Submission: On July 01 via api (July 1st 2021, 9:28:36 am UTC) from JP

Summary HTTP 122 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 18 domains to perform 122 HTTP transactions. The main IP is 31.22.4.81, located in Houghton-Le-Spring, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is timedopovo.tk.
TLS certificate: Issued by R3 on June 20th 2021. Valid for: 3 months.

This is the only time timedopovo.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	31.22.4.81 31.22.4.81	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
13	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
16 16	185.59.220.199 185.59.220.199	60068 (CDN77 ^_^) (CDN77 ^_^)
1	178.62.123.45 178.62.123.45	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	31.22.4.94 31.22.4.94	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	65.9.77.85 65.9.77.85	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
122	25

28 31.22.4.81 (Houghton-Le-Spring, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv46.byethost46.org

timedopovo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.timedopovo.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.59.220.199 (Frankfurt am Main, Germany) 16 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-722.bunnyinfra.net

cdn.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.123.45 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

panel.clickwise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 31.22.4.94 (Houghton-Le-Spring, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv23.byethost23.org

adds.livreuso.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.77.85 (United States)

ASN16509 (AMAZON-02, US)

ad.lomadee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	timedopovo.tk timedopovo.tk www.timedopovo.tk	555 KB
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	357 KB
16	shortpixel.ai 16 redirects cdn.shortpixel.ai	11 KB
11	livreuso.tk adds.livreuso.tk	5 KB
10	doubleclick.net googleads.g.doubleclick.net	44 KB
9	lomadee.com ad.lomadee.com	127 KB
7	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	148 KB
6	google.com www.google.com Failed adservice.google.com	1 KB
5	google-analytics.com ssl.google-analytics.com www.google-analytics.com	75 KB
3	facebook.com 1 redirects www.facebook.com	2 KB
3	googletagservices.com www.googletagservices.com	103 KB
3	google.de adservice.google.de	561 B
2	googleapis.com fonts.googleapis.com	1 KB
2	facebook.net connect.facebook.net	70 KB
1	googleadservices.com partner.googleadservices.com	659 B
1	clickwise.net panel.clickwise.net	82 KB
0	statistcdn.com Failed statistcdn.com Failed
0	google.com.br Failed www.google.com.br Failed
122	18

	Domain	Requested by
24	timedopovo.tk	timedopovo.tk
16	cdn.shortpixel.ai	16 redirects
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com timedopovo.tk pagead2.googlesyndication.com
11	adds.livreuso.tk	timedopovo.tk adds.livreuso.tk
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	timedopovo.tk pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	ad.lomadee.com	adds.livreuso.tk ad.lomadee.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.timedopovo.tk	timedopovo.tk
3	www.google-analytics.com	ad.lomadee.com
3	www.facebook.com	1 redirects timedopovo.tk connect.facebook.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google.com	timedopovo.tk googleads.g.doubleclick.net tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	connect.facebook.net	timedopovo.tk connect.facebook.net
2	ssl.google-analytics.com	timedopovo.tk
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	panel.clickwise.net	timedopovo.tk
0	statistcdn.com Failed	ad.lomadee.com
0	www.google.com.br Failed	timedopovo.tk
122	24

This site contains links to these domains. Also see Links.

Domain
www.timedopovo.tk
www.facebook.com
twitter.com
feeds.feedburner.com
www.youtube.com
r.clickwise.net
timedopovo.com

Subject Issuer	Validity	Valid
timedopovo.tk R3	`2021-06-20` - `2021-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
panel.clickwise.net R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
adds.livreuso.tk R3	`2021-06-05` - `2021-09-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.lomadee.com Amazon	`2021-03-31` - `2022-04-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://timedopovo.tk/
Frame ID: B0E0F725E5F51D7A2D01E9478BA564B8
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html
Frame ID: 60270C80DDEFF2A08BE607015ACDF64A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&slotname=3804470934&adk=3546454420&adf=2203149399&pi=t.ma~as.3804470934&w=468&lmt=1625131683&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131682969&bpp=11&bdt=182&idt=87&shv=r20210628&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=577&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=engkxnrSOH&p=https%3A//timedopovo.tk&dtd=104
Frame ID: E82B7AC296E35BDE444F7F9BA04DF81D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1625131683&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131682998&bpp=1&bdt=210&idt=89&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=93
Frame ID: 235B12DE66C43C6CE18AF3F0951FCE40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683002&bpp=2&bdt=215&idt=106&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UsmPa9fiiq&p=https%3A//timedopovo.tk&dtd=109
Frame ID: 30C2F4E5DD94A235709583D31AB26020
Requests: 14 HTTP requests in this frame

Frame: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Frame ID: C97397AB223D419F198A595728435B76
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=0023709217&adk=208576126&adf=3656672136&pi=t.ma~as.0023709217&w=120&lmt=1625131683&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683122&bpp=5&bdt=334&idt=5&shv=r20210628&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=F0DLer7PRU&p=https%3A//timedopovo.tk&dtd=8
Frame ID: 5E39C06A3182B9D9E77021BD61401C46
Requests: 1 HTTP requests in this frame

Frame: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Frame ID: 24F102F958BF540D9D49F89484D8D989
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25
Frame ID: 554E2865EE704F55E91625F1E3E6A00A
Requests: 9 HTTP requests in this frame

Frame: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=12485&target=_blank
Frame ID: CA6AB456B86BF5A7FD2C0F14496A25A2
Requests: 3 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
Frame ID: F6325CA88D358FAE192027EA5E0B71E9
Requests: 4 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
Frame ID: B8BCD1045C1A3640346CCDDA5FF968B5
Requests: 4 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Frame ID: BFF080782E6199E5F66574909618A8C0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html
Frame ID: 78121EDE87F11951D9464603664AE7F3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A233AB914785A52FC7226D601174E7D2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad0bf32ca25ac%2526domain%253Dtimedopovo.tk%2526origin%253Dhttps%25253A%25252F%25252Ftimedopovo.tk%25252Ff194fb87c216c3%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dtrue%26height%3D300%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftimedopovonews%253Fref%253Dhl%26locale%3Dpt_BR%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300
Frame ID: 590C6038C43FBE4D204585C47F573C84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1307ECC7C57C1A1466EC2C75A34FEC8A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03B2BF862AFDCF88358F5F594DDD07B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

122
Requests

93 %
HTTPS

76 %
IPv6

18
Domains

24
Subdomains

25
IPs

3
Countries

1570 kB
Transfer

3108 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.timedopovo.tk/category/ultimasnoticias/
Title: Últimas notícias

Search URL Search Domain Scan URL

URL: https://www.facebook.com/timedopovonews

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/time_do_povo

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/TimeDoPovo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TimeDoPovoCom

Search URL Search Domain Scan URL

URL: https://r.clickwise.net/click/bd514a64/5d89528c97168

Search URL Search Domain Scan URL

URL: http://timedopovo.com/
Title: TIME DO POVO

Search URL Search Domain Scan URL

URL: http://www.timedopovo.tk/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png

Request Chain 9

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png

Request Chain 10

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png

Request Chain 11

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png HTTP 302
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png

Request Chain 24

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png

Request Chain 49

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png

Request Chain 50

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png

Request Chain 51

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png HTTP 302
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png

Request Chain 56

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg

Request Chain 57

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_144/https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg

Request Chain 58

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg

Request Chain 59

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg

Request Chain 60

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_133/https://timedopovo.tk/wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg

Request Chain 61

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_148/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg

Request Chain 62

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg

Request Chain 63

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_177/https://timedopovo.tk/wp-content/uploads/2021/06/001-177x100.png HTTP 302
https://timedopovo.tk/wp-content/uploads/2021/06/001-177x100.png

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 116

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ad0bf32ca25ac%26domain%3Dtimedopovo.tk%26origin%3Dhttps%253A%252F%252Ftimedopovo.tk%252Ff194fb87c216c3%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=true&height=300&href=https%3A%2F%2Fwww.facebook.com%2Ftimedopovonews%3Fref%3Dhl&locale=pt_BR&sdk=joey&show_border=true&show_faces=true&stream=false&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad0bf32ca25ac%2526domain%253Dtimedopovo.tk%2526origin%253Dhttps%25253A%25252F%25252Ftimedopovo.tk%25252Ff194fb87c216c3%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dtrue%26height%3D300%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftimedopovonews%253Fref%253Dhl%26locale%3Dpt_BR%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300

122 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
timedopovo.tk/ 46 KB
10 KB 3197ms
3120ms Document
text/html 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL

https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),

Reverse DNS

sv46.byethost46.org

Software

nginx /

Resource Hash

c7a0b4b4be7b58ab5b0e0dbfc3cbf6234da12f6f8ce0b5449659e94f1adfb396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: timedopovo.tk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Thu, 01 Jul 2021 09:28:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://timedopovo.tk/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=0
expires: Thu, 01 Jul 2021 09:27:59 GMT
content-encoding: br

GET
H2 200 autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
timedopovo.tk/wp-content/cache/autoptimize/css/ 17 KB
3 KB 100ms
99ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: f356c1330b17335df99dda5bb53bfd858ff27b903d555e9edb775b2c08d0b357

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_b29b1f69340b6254e65047bbb2ef974d.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:58:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate
accept-ranges: bytes
content-length: 3012
expires: Tue, 21 Jun 2022 09:28:02 GMT

GET
H2 200 autoptimize_f94ea748099c9df4dd02b3c685044b15.css
timedopovo.tk/wp-content/cache/autoptimize/css/ 88 KB
14 KB 100ms
99ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f94ea748099c9df4dd02b3c685044b15.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 1e0b105463e87ccc5220d9aba7dc76cbd4ff9acab31d23f2bfcaaa81f869a702

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_f94ea748099c9df4dd02b3c685044b15.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 05:11:37 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate
accept-ranges: bytes
content-length: 14229
expires: Tue, 21 Jun 2022 09:28:02 GMT

GET
H2 200 jquery.js Show response
timedopovo.tk/wp-includes/js/jquery/ 281 KB
84 KB 62ms
61ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 22:25:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 46ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48719
x-xss-protection: 0
server: cafe
etag: 7891261082821145910
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 09:28:02 GMT

GET
H2 200 logotdp.png
www.timedopovo.tk/ 31 KB
31 KB 105ms
67ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/logotdp.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: fc08809552becc11633f8ae84e133f62f1ee23689f6aa71d532ed5ab3ac3d821

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:39:56 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 31497
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
33 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6f98e3262a2c614e92f60697753f130dad5871c6a9259833445578c6c4558fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33552
x-xss-protection: 0
server: cafe
etag: 6255117656944770205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 09:28:02 GMT

GET
H2 200 vercompleto.png
www.timedopovo.tk/wp-content/themes/crystalhosting/images/ 9 KB
9 KB 110ms
72ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/wp-content/themes/crystalhosting/images/vercompleto.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 986037628ef2f713282cdf6658e45f2d778e374635e2b7b6ec0f3e2fd9281ba3

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 9074
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 escudo.png
www.timedopovo.tk/ 46 KB
46 KB 95ms
57ms Image
image/png 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/escudo.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: ce2c2f487561a1e72f77b2c28bdf121fef04e9c7d3189f5affd499a3a8a77db5

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:46:34 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 46795
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2

200

facebook.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png

763 B
957 B

409ms
408ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: b8e86c44c2f2cc0f6d192de5b6a94b23e3c60db1117bed35701ae1e7ec6cfe5a

Request headers

:path: /wp-content/plugins/social-media-widget/images/default/64/facebook.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 763
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/facebook.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 0a121095dfde92c611e40a02edf15c01
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

twitter.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png

1 KB
2 KB

357ms
357ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 7961fb8e2c56c456004b8621329bcc73e2030785eb88be511bec404c80a659b7

Request headers

:path: /wp-content/plugins/social-media-widget/images/default/64/twitter.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 1342
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 756, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/twitter.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 030bc6670fc4eddcfba7b07f23720299
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

rss.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png

3 KB
3 KB

349ms
349ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 6bd760dc672e6d692fd30cca41e3629ab4c67d24fde1d13d2b3d5744fd06f351

Request headers

:path: /wp-content/plugins/social-media-widget/images/default/64/rss.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 2746
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 752, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/rss.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 65b1fdaa12a96ec3c3f747e4415a20fd
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

youtube.png
timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_64,h_64/https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png

3 KB
3 KB

400ms
400ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 70026657c87a5132b6a431dff968771873d699737fb63c32af45f5790a1a38c3

Request headers

:path: /wp-content/plugins/social-media-widget/images/default/64/youtube.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:40:17 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3229
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 756, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/plugins/social-media-widget/images/default/64/youtube.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 4de63a8acde2d33cb395f241aecdaaeb
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 032dc8fe26d84282b2bcb0f3865cbae7.png
panel.clickwise.net/media/banner/20210309/ 82 KB
82 KB 189ms
34ms Image
image/png 178.62.123.45
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://panel.clickwise.net/media/banner/20210309/032dc8fe26d84282b2bcb0f3865cbae7.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.62.123.45 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: 9186533ba21799e1a451b35581408963a2bd352a157f1b194c0727fb68357558

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 09:28:03 GMT
Last-Modified: Tue, 09 Mar 2021 23:29:52 GMT
Server: openresty/1.17.8.2
ETag: "604804f0-14743"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83779

GET
H2 200 logo.gif
www.timedopovo.tk/ 259 KB
260 KB 87ms
60ms Image
image/gif 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timedopovo.tk/logo.gif
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 74a14c3c9efff84398be5969f5ed596e76fd40786aa034907d67e2cafbf746d6

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:46:39 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 265726
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 autoptimize_64369739fc755262d7d80c591d79ad24.js Show response
timedopovo.tk/wp-content/cache/autoptimize/js/ 20 KB
7 KB 68ms
62ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/cache/autoptimize/js/autoptimize_64369739fc755262d7d80c591d79ad24.js
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 4f2dab5366889ccb09deeff2e8530ddd50234a9ecf94bd021a7b5df566c4ab97

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_64369739fc755262d7d80c591d79ad24.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 15:58:14 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30672000, public, immutable, public, proxy-revalidate, public, proxy-revalidate
accept-ranges: bytes
content-length: 6764
expires: Tue, 21 Jun 2022 09:28:02 GMT

GET
H2 200 twemoji.js Show response
timedopovo.tk/wp-includes/js/ 27 KB
8 KB 71ms
65ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/twemoji.js?ver=5.7.2
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb

Request headers

:path: /wp-includes/js/twemoji.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 22:25:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 wp-emoji.js Show response
timedopovo.tk/wp-includes/js/ 9 KB
4 KB 76ms
70ms Script
application/javascript 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-includes/js/wp-emoji.js?ver=5.7.2
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

:path: /wp-includes/js/wp-emoji.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: br
last-modified: Sun, 03 May 2020 16:41:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 4177
date: Thu, 01 Jul 2021 08:18:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 01 Jul 2021 10:18:25 GMT

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

504d99fa3b140ec5b29d818ae6d2ab46c7786f6025e610e7c1c74812a9517c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NOj45mazkxW9wZeVSysrPg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: +jRecT2TCk/82vRhLhAxzJCh2tppMftBXLa7o8GHlg+IEYNBUGXHclKVwF0CAN0yFvILEJN6DgD1Edkd42hgfw==
x-fb-trip-id: 2050670934
x-fb-content-md5: 41262a8ada352effe9dd8951c8a1efdd
x-frame-options: DENY
date: Thu, 01 Jul 2021 09:28:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c4c5a3805af4130bea89cd5983bbeb3a"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 01 Jul 2021 09:29:44 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106280101/ 240 KB
89 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9397577970694762&plah=timedopovo.tk&amaexp=1&bust=exp%3D31061747

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa5d57aec60fbf8f5704ef438e3790323b2c54c91c18c7241a890a7e3cb00fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90935
x-xss-protection: 0
server: cafe
etag: 1091048380552772665
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 09:28:03 GMT

GET query_renderer.js
www.google.com/cse/ 0
0

GET js
www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/ 0
0

GET show_afs_search.js
www.google.com/afsonline/ 0
0

GET
H2 200 show.php Show response
adds.livreuso.tk/anuncios// 482 B
490 B 127ms
47ms Script
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show.php?ad_type=14&j=1&code=1625131682981
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 26c2de650abedd51a53aa45b0a4291a896862c9cbc1a3db734f86942373ff069

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

sidebarup.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png

3 KB
3 KB

375ms
374ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f94ea748099c9df4dd02b3c685044b15.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: cbd509669e176f744af1c69d7c339e14127f4be4c59185d6c5ba6fe448fca6f9

Request headers

:path: /wp-content/themes/crystalhosting/images/sidebarup.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3225
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 756, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebarup.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: d27dc010bd777064ca472f928e2cbde6
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/ Frame 6027 10 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210628/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 30 Jun 2021 19:14:00 GMT
expires: Wed, 14 Jul 2021 19:14:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 51243
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 all.js Show response
connect.facebook.net/pt_BR/ 234 KB
68 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=9853219abf11c358881ef70e4635079d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

424ed09455012f5bcea0f4b2b79eb9f973e4b44ad33773601dd9bc5485badd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://timedopovo.tk
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: T7E4A+41cUDoFI/kuSgvCA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69378
x-fb-rlafr: 0
x-fb-debug: 6BZsr3SaeH9FVNPi9PXY/7Mdxo9Vyz6e8OT0lP0HGaAqEHfjPkksgEvVfc3z2gHglAakgrDJoOgYQ4VoiZmwQQ==
x-fb-content-md5: 5ab165f5c20f924c283f7973d711e51f
x-frame-options: DENY
date: Thu, 01 Jul 2021 09:28:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "37bd95d445dd3acf1744533a0386887d"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Jul 2022 08:06:10 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 24ms
21ms Image
image/gif 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=231826688&utmhn=timedopovo.tk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Time%20Do%20Povo&utmhid=1381309911&utmr=-&utmp=%2F&utmht=1625131683040&utmac=UA-23996175-16&utmcc=__utma%3D204431381.737633867.1625131683.1625131683.1625131683.1%3B%2B__utmz%3D204431381.1625131683.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=544984758&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
659 B 41ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=timedopovo.tk&callback=_gfp_s_&client=ca-pub-9397577970694762

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202106280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9397577970694762&plah=timedopovo.tk&amaexp=1&bust=exp%3D31061747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

582d51734a74ebfe38b84dd58fbdcd9db0fb6d9a6be3297e82d1adac5f165ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
317 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E82B 430 B
231 B 359ms
357ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&slotname=3804470934&adk=3546454420&adf=2203149399&pi=t.ma~as.3804470934&w=468&lmt=1625131683&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131682969&bpp=11&bdt=182&idt=87&shv=r20210628&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=577&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=engkxnrSOH&p=https%3A//timedopovo.tk&dtd=104

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4bdb5a57ada4753aa3225f9ccd5a3afc92e9686a15009ebd6f52c365de3f321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9397577970694762&output=html&h=60&slotname=3804470934&adk=3546454420&adf=2203149399&pi=t.ma~as.3804470934&w=468&lmt=1625131683&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131682969&bpp=11&bdt=182&idt=87&shv=r20210628&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=577&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=engkxnrSOH&p=https%3A//timedopovo.tk&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 09:28:03 GMT
server: cafe
content-length: 208
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 09:43:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 09:28:03 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Thu, 01 Jul 2021 09:28:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
38ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-9397577970694762&c=12&n=0&t=0&w=9&x=1

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 235B 1 KB
430 B 76ms
76ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1625131683&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131682998&bpp=1&bdt=210&idt=89&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=93

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c551b1377910b03c341ebde9f8c4e02c160d73ead48832efb3f3a3e278c1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9397577970694762&output=html&adk=1812271804&adf=3025194257&lmt=1625131683&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimedopovo.tk%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131682998&bpp=1&bdt=210&idt=89&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 09:28:03 GMT
server: cafe
content-length: 407
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 09:43:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 09:28:03 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 30C2 60 KB
16 KB 686ms
685ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683002&bpp=2&bdt=215&idt=106&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UsmPa9fiiq&p=https%3A//timedopovo.tk&dtd=109

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bc45ae1a68c98eaf9e0b6792354927135f20a397277609fc7081599502104a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683002&bpp=2&bdt=215&idt=106&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UsmPa9fiiq&p=https%3A//timedopovo.tk&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 09:28:03 GMT
server: cafe
content-length: 16270
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 09:43:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 09:28:03 GMT
cache-control: private

GET
H2 200 /
www.facebook.com/platform/scribe_endpoint.php/ 67 B
1002 B 38ms
26ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/platform/scribe_endpoint.php/?c=jssdk_error&m=%7B%22appId%22%3A%22%22%2C%22error%22%3A%22legacy_status_init%22%7D

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Origin: https://timedopovo.tk
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: mp2f1UB7WamLjQ8CfS2kmNTizHKf5Jh2nA02ax0byl6ftOjjYwlCGRxUE4o811giisichWDNtsbVggB6y80l0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Jul 2021 09:28:03 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 show_i.php Show response
adds.livreuso.tk/anuncios// Frame C973 1 KB
733 B 51ms
50ms Document
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show.php?ad_type=14&j=1&code=1625131682981
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: eead3bba68edf59824c7b77e6e33e9de969f7f84c40745ca757a10aa97020117

Request headers

:method: GET
:authority: adds.livreuso.tk
:scheme: https
:path: /anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

server: nginx
date: Thu, 01 Jul 2021 09:28:02 GMT
content-type: text/html
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=spfr7if5qnh0pb8h7jodsg0186; path=/
content-encoding: br

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ 43 B
236 B 41ms
40ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E39 430 B
231 B 554ms
554ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=0023709217&adk=208576126&adf=3656672136&pi=t.ma~as.0023709217&w=120&lmt=1625131683&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683122&bpp=5&bdt=334&idt=5&shv=r20210628&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=F0DLer7PRU&p=https%3A//timedopovo.tk&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd5f53c36b1a54176ad71a965a88c0bc1520a1b75511fb81b15414cab9a878d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=0023709217&adk=208576126&adf=3656672136&pi=t.ma~as.0023709217&w=120&lmt=1625131683&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683122&bpp=5&bdt=334&idt=5&shv=r20210628&cbv=%2Fr20110914&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=F0DLer7PRU&p=https%3A//timedopovo.tk&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 09:28:03 GMT
server: cafe
content-length: 208
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 09:43:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 09:28:03 GMT
cache-control: private

GET
H2 200 show.php Show response
adds.livreuso.tk/anuncios// 482 B
487 B 53ms
53ms Script
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show.php?ad_type=14&j=1&code=1625131683133
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 26c2de650abedd51a53aa45b0a4291a896862c9cbc1a3db734f86942373ff069

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 script.js Show response
ad.lomadee.com/banners/ Frame C973 432 B
588 B 82ms
34ms Script
text/html 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=3&height=600&width=120&method=0
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e984e3d18fdb5dcc9ac6ab02e069d5b78cf22c19681cd064541c49de98c731b2

Request headers

Referer: https://adds.livreuso.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 08:08:49 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 91153
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-language: en-US
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
content-type: text/html;charset=UTF-8
x-amz-cf-id: z4L-sKdg9zeb0WI_QGHPYkGEvjYjDouB7dvyFncSLIkJBdg4yFUMcA==

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ Frame C973 43 B
236 B 33ms
33ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Referer: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 show_i.php Show response
adds.livreuso.tk/anuncios// Frame 24F1 1 KB
733 B 39ms
39ms Document
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show.php?ad_type=14&j=1&code=1625131683133
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: eead3bba68edf59824c7b77e6e33e9de969f7f84c40745ca757a10aa97020117

Request headers

:method: GET
:authority: adds.livreuso.tk
:scheme: https
:path: /anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

server: nginx
date: Thu, 01 Jul 2021 09:28:02 GMT
content-type: text/html
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=h1ojploggecjb3cglavh0gphg1; path=/
content-encoding: br

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ 43 B
236 B 35ms
35ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show.php?ad_type=14&j=1&code=1625131683133
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET brand
www.google.com.br/coop/cse/ 0
0

GET
H2

200

postindex.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png

8 KB
8 KB

184ms
184ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f94ea748099c9df4dd02b3c685044b15.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 64ad2b889e573ea0f48d0c21a22e7dbc47d08ca54dff2091e418e9b4b418be14

Request headers

:path: /wp-content/themes/crystalhosting/images/postindex.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 7795
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 755, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 09:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postindex.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 96c97bae4051539d223a14be29f3352b
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

postfim-2.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png

3 KB
3 KB

185ms
185ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f94ea748099c9df4dd02b3c685044b15.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 5a02e2246cb69facdac93ae2789f172c7ad079808db6bf62f41af6c6c2857a95

Request headers

:path: /wp-content/themes/crystalhosting/images/postfim-2.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3249
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 11:38:47
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/postfim-2.png
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 35c2b629ba009306186b2f1e751d7688
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

sidebaruppp.png
timedopovo.tk/wp-content/themes/crystalhosting/images/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png

3 KB
3 KB

214ms
214ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/wp-content/cache/autoptimize/css/autoptimize_f94ea748099c9df4dd02b3c685044b15.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 2ef3959264092b72de9339f88c90054eed3c2c83a3e755b058df53ce75310ee7

Request headers

:path: /wp-content/themes/crystalhosting/images/sidebaruppp.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 06 Apr 2018 00:41:57 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 3281
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 755, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 19:23:10
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/themes/crystalhosting/images/sidebaruppp.png
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 767cdfca00b99da5e92504157c4ee272
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timedopovo.tk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 554E 65 KB
23 KB 812ms
810ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a3a7fa763bed9a2db11ef20a393033951f38fd221f113a1a2d2891cd3b2ddfb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICrxaXHwfECFZgMiwodfpsDug&gqi=o4rdYNb2DY_i-gaQgZbADA&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICrxaXHwfECFZgMiwodfpsDug&gqi=o4rdYNb2DY_i-gaQgZbADA&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 01 Jul 2021 09:28:04 GMT
server: cafe
content-length: 23102
x-xss-protection: 0
set-cookie: IDE=AHWqTUkhlpwaxPNLla_jS0vXCcTJeDwoy6cajbBVJsGpS8y7k8uOyaNDWQtsuMaKx7c; expires=Tue, 26-Jul-2022 09:28:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 09:28:04 GMT
cache-control: private

GET
H2 200 show.php Show response
adds.livreuso.tk/anuncios// 483 B
487 B 44ms
44ms Script
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1625131683222
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 05453e4bc29bf102d62f4bc29373c1d1228990689e5bc5dd2f799127e4bf10c4

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:02 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

004-145x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg

4 KB
5 KB

181ms
181ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 23f91e8fed1b07720dbb269a526666a72ca20e4af6388c95757f7469229708dd

Request headers

:path: /wp-content/uploads/2021/06/004-145x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Wed, 09 Jun 2021 12:19:41 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4416
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 21:23:10
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/004-145x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 26653533efb1a64536b8259f76555426
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

003-144x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_144/https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg

4 KB
5 KB

207ms
207ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: b57245994e1df062a0eb10265547e7d49d7e3007df0c1f409dd34a42e78430e6

Request headers

:path: /wp-content/uploads/2021/06/003-144x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 04 Jun 2021 17:53:38 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4476
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 722, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 21:23:10
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/003-144x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 379b3c9f545a21b870efa523102f5ef3
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg

5 KB
5 KB

181ms
181ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: dcdf89c03c77ddfecca983f3193527d5ecadb6703589b8cdd0ba77ff0928ef2c

Request headers

:path: /wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Fri, 04 Jun 2021 17:49:39 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5414
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 21:23:10
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180450-1-1024x695-1-147x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: c58acc057a26180132ccbe92d51a0428
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_147/https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg

5 KB
5 KB

174ms
174ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: a984aa4dd8ef7b364554086f53750aadfeee7e5eb91194afa2b68eb776d7d090

Request headers

:path: /wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Wed, 02 Jun 2021 12:16:17 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 4680
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 756, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/Se-entrar-em-campo-Ramiro-vai-completar-100-jogos-pelo-Corinthians-147x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 62aaac574f1f59116ed07bf77943177a
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

E2zqBvVXEAABR5D-133x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_133/https://timedopovo.tk/wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg

6 KB
6 KB

182ms
181ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: a1002be707e49b36154939a19473e7fea49324fba0ddd01ae6d371cf07908e35

Request headers

:path: /wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Tue, 01 Jun 2021 17:06:55 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 5933
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 21:23:10
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/E2zqBvVXEAABR5D-133x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: f4df8f8a10f2b3ddbbb57af5fe45c429
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_148/https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg

6 KB
6 KB

218ms
217ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: 367ab85e5b8f900d16ab9eefd01e4e0bf1bce3b1f427edac85b88220242a2bcc

Request headers

:path: /wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Tue, 01 Jun 2021 17:03:27 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 6069
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 21:23:10
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/agenciacorinthians-foto-180367-1-1024x690-1-148x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: f43b7e78b4f1093a197f8d3ab988d4e4
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_145/https://timedopovo.tk/wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg
https://timedopovo.tk/wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg

6 KB
6 KB

212ms
211ms

Image
image/jpeg

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: f805d35a83897b0b2be89a14dd7ef81d59a7a4f03c83b6fe63b779e0af52522e

Request headers

:path: /wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Tue, 01 Jun 2021 16:59:30 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 6213
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 632, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-06-30 11:38:47
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/Corinthians-comemora-49-anos-da-estreia-do-idolo-Wladimir-145x100.jpg
content-type: text/html; charset=UTF-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 474ce26c77a7c6c093bef2b2d1e52fd7
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

001-177x100.png
timedopovo.tk/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_177/https://timedopovo.tk/wp-content/uploads/2021/06/001-177x100.png
https://timedopovo.tk/wp-content/uploads/2021/06/001-177x100.png

11 KB
11 KB

208ms
207ms

Image
image/png

31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timedopovo.tk/wp-content/uploads/2021/06/001-177x100.png
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: acdf89c6903b463e90842a8ca32ac5cf48f4937964f15f06319e4acbd82fb7d3

Request headers

:path: /wp-content/uploads/2021/06/001-177x100.png
pragma: no-cache
cookie: __utma=204431381.737633867.1625131683.1625131683.1625131683.1; __utmc=204431381; __utmz=204431381.1625131683.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=204431381.1.10.1625131683; __gads=ID=39a4d8446d408bf3-220747ed4ec900d5:T=1625131683:RT=1625131683:S=ALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: cross-site
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Tue, 01 Jun 2021 16:53:15 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 11374
expires: Sat, 31 Jul 2021 09:28:02 GMT

Redirect headers

date: Thu, 01 Jul 2021 09:28:03 GMT
cdn-edgestorageid: 723, 602
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-tag: Domain:timedopovo.tk
cdn-cachedat: 2021-07-01 11:28:03
cdn-pullzone: 257218
content-length: 0
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-DE1-722
cdn-requestpullcode: 302
x-purge: 1
location: https://timedopovo.tk/wp-content/uploads/2021/06/001-177x100.png
content-type: text/html; charset=UTF-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 2534ede07b7149ee4a5f20184aeda0f2
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 show_i.php Show response
adds.livreuso.tk/anuncios// Frame CA6A 1 KB
733 B 39ms
39ms Document
text/html 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=12485&target=_blank
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show.php?z=29&j=1&code=1625131683222
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 6145966ff7a1166344c55a349d35ff04361528756d3a3f61ee54b9d342c91614

Request headers

:method: GET
:authority: adds.livreuso.tk
:scheme: https
:path: /anuncios//show_i.php?a=529&z=29&c=1&adurl=12485&target=_blank
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

server: nginx
date: Thu, 01 Jul 2021 09:28:02 GMT
content-type: text/html
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=7nuqs5cn1u1far4l5jqr5ni2f6; path=/
content-encoding: br

GET
H2 200 view Show response
ad.lomadee.com/banner/ Frame F632 1 KB
1 KB 454ms
454ms Document
text/html 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=3&height=600&width=120&method=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 7a16d22a72693b58a9632fbf386f21af19bf876536c855cbb69a4343f0953930

Request headers

:method: GET
:authority: ad.lomadee.com
:scheme: https
:path: /banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adds.livreuso.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adds.livreuso.tk/

Response headers

content-type: text/html;charset=UTF-8
content-encoding: gzip
content-language: en-US
date: Thu, 01 Jul 2021 09:28:03 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Pa49Ow60lCIuPf2eaY_kWkGgI90XS7i6pZzFYY3lh76phra5p2dwyg==

GET
H2 200 script.js Show response
ad.lomadee.com/banners/ Frame 24F1 432 B
577 B 16ms
16ms Script
text/html 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=3&height=600&width=120&method=0
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e984e3d18fdb5dcc9ac6ab02e069d5b78cf22c19681cd064541c49de98c731b2

Request headers

Referer: https://adds.livreuso.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 08:08:49 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 91153
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-language: en-US
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
content-type: text/html;charset=UTF-8
x-amz-cf-id: 3jW1AYztF8HAByeY5yVCciqeswqRq9nPpUgDa3lx04nd415mVb5KDw==

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ Frame 24F1 43 B
236 B 32ms
32ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Referer: https://adds.livreuso.tk/anuncios//show_i.php?a=559&z=5&c=1&adurl=12484&target=_blank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 view Show response
ad.lomadee.com/banner/ Frame B8BC 1 KB
1 KB 433ms
433ms Document
text/html 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=3&height=600&width=120&method=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 7a16d22a72693b58a9632fbf386f21af19bf876536c855cbb69a4343f0953930

Request headers

:method: GET
:authority: ad.lomadee.com
:scheme: https
:path: /banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adds.livreuso.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adds.livreuso.tk/

Response headers

content-type: text/html;charset=UTF-8
content-encoding: gzip
content-language: en-US
date: Thu, 01 Jul 2021 09:28:03 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: hCtVRAGw7woB7W8mHDG7l_qSH8loMAUVBlyih3rorjNVnvnqmKegvQ==

GET
H2 200 script.js Show response
ad.lomadee.com/banners/ Frame CA6A 430 B
588 B 99ms
99ms Script
text/html 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=1&height=90&width=728&method=0
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=12485&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cd3600e9be27f74665aba132c024322645a8e61af8dc08072c617386511268bb

Request headers

Referer: https://adds.livreuso.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 12:19:52 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
age: 162490
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-language: en-US
content-encoding: gzip
x-amz-cf-pop: AMS1-C1
content-type: text/html;charset=UTF-8
x-amz-cf-id: Rr9MvZUZMtft6t6N_P96nYTGdM2O-eMk63fGWrbo0LT84hYso2SZnw==

GET
H2 200 blank.gif
adds.livreuso.tk/anuncios//images/ Frame CA6A 43 B
236 B 33ms
33ms Image
image/gif 31.22.4.94
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adds.livreuso.tk/anuncios//images/blank.gif
Requested by: Host: adds.livreuso.tk
URL: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=12485&target=_blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.94 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv23.byethost23.org
Software: nginx /
Resource Hash: 204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689

Request headers

Referer: https://adds.livreuso.tk/anuncios//show_i.php?a=529&z=29&c=1&adurl=12485&target=_blank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:02 GMT
last-modified: Sun, 17 Dec 2017 15:19:14 GMT
server: nginx
content-type: image/gif
cache-control: max-age=2592000, public, proxy-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 31 Jul 2021 09:28:02 GMT

GET
H2 200 view Show response
ad.lomadee.com/banner/ Frame BFF0 1 KB
1 KB 467ms
467ms Document
text/html 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banners/script.js?sourceId=35923256&dimension=1&height=90&width=728&method=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 46f193253bdb1a244670856489ffd6a132edce6bb4e5fb80fbc22df5ae45c42a

Request headers

:method: GET
:authority: ad.lomadee.com
:scheme: https
:path: /banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adds.livreuso.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adds.livreuso.tk/

Response headers

content-type: text/html;charset=UTF-8
content-length: 742
content-encoding: gzip
content-language: en-US
date: Thu, 01 Jul 2021 09:28:03 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 3VBYugYrHo_OsTN91bd9YB6a0EWO5vmYu-6saIttMvmtfY9EH8S7lQ==

GET
H2 200 2cf382c0243f736f095f6a9c7e747b10
ad.lomadee.com/banners/179/ Frame F632 39 KB
39 KB 42ms
40ms Image
image/png 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.lomadee.com/banners/179/2cf382c0243f736f095f6a9c7e747b10
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2fb2328fb570db3bc04dea694fe87b94a42ab4c5d025b335df6203a3c7df04

Request headers

Referer: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 23:17:37 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
last-modified: Mon, 14 Dec 2020 14:54:18 GMT
server: AmazonS3
age: 36627
etag: "bf26e69ccb31b68e643e5974ed3cf454"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 40061
x-amz-cf-id: XfdI2Tb7scslPqDPBWTdcy-uGriSS3yOsMEKAxQdNUHj8EcuZJsulg==

GET analyze.js
statistcdn.com/ Frame F632 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F632 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ad.lomadee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6978
date: Thu, 01 Jul 2021 07:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 01 Jul 2021 09:31:45 GMT

GET
H2 200 2cf382c0243f736f095f6a9c7e747b10
ad.lomadee.com/banners/179/ Frame B8BC 39 KB
39 KB 42ms
40ms Image
image/png 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.lomadee.com/banners/179/2cf382c0243f736f095f6a9c7e747b10
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2fb2328fb570db3bc04dea694fe87b94a42ab4c5d025b335df6203a3c7df04

Request headers

Referer: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 23:17:37 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
last-modified: Mon, 14 Dec 2020 14:54:18 GMT
server: AmazonS3
age: 36627
etag: "bf26e69ccb31b68e643e5974ed3cf454"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 40061
x-amz-cf-id: 16zz-2wsvPzRxDrqvkmzqrAMxvM-zg5q7Kx2qAJv9zAPAV_55SSOAQ==

GET analyze.js
statistcdn.com/ Frame B8BC 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B8BC 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=3&width=120&height=600&method=0&advertisers=&tags=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ad.lomadee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6978
date: Thu, 01 Jul 2021 07:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 01 Jul 2021 09:31:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 30C2 3 KB
694 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683002&bpp=2&bdt=215&idt=106&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UsmPa9fiiq&p=https%3A//timedopovo.tk&dtd=109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 08:51:14 GMT
server: ESF
date: Thu, 01 Jul 2021 09:28:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jul 2021 09:28:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 30C2 1 KB
963 B 34ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 09:27:54 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 30C2 17 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 09:27:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 30C2 3 KB
1 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 09:27:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30C2 125 KB
38 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 09:28:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 30C2 14 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 09:22:53 GMT

GET
H2 200 3a5e94886a53c84cf1384eecbc513cea.js Show response
www.gstatic.com/mysidia/ Frame 30C2 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3a5e94886a53c84cf1384eecbc513cea.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

646ccb2bc6d5f34ef2196899f1cc72b43cc0df424b166f9cc93c58112c9377bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 18:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10696
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 22:35:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Sep 2021 18:36:46 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 30C2 0
0 21ms
21ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnLolo4rdYN3zB6OhrAT3gYKoCp62lvpi5Z3qkswKl7Kc9bwYEAEgkaG_E2CVAqABntmS0ALIAQapAmGPlhMg4bM-qAMByAMCqgS5AU_QOpukXZLICiyEojeeb6tQYPpOhKuw2hdtqseCssMPgHXAQ_0ELfDfULEJYr7kLpge48RCewx2tiQITRFfC0gpUiAIwOQYHCeWMOhHNvCaUXeui4hv72u9uUxJ1hsBJJxHVQRw4t1XPuMOzNa976Ffw4JeJvg3ZkH9seVqnd3hKvPp7scTGTQ83oxHb8LPONaTyANtqVIPxOLk8fwfk3rYrysxUJGJgmpsntT3XlJD-D4u4uxoiD0hwATfgpy0uQKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHyqbtrwGoB4qcsQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOuWINIICQiA4YAQEAEYH4AKAcgLAdgTDtAVAYAXAbIXGgoYCAASFHB1Yi0zNDMyMzQxOTk3MjExMTY1&sigh=5UQHHGqbvAw&template_id=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=280&slotname=8825380003&adk=3290701847&adf=215310249&pi=t.ma~as.8825380003&w=1000&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683002&bpp=2&bdt=215&idt=106&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3804470934&nras=1&correlator=4513150934890&frm=20&pv=2&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UsmPa9fiiq&p=https%3A//timedopovo.tk&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Jul 2021 09:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jul 2021 09:28:03 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 30C2 33 KB
33 KB 29ms
8ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS8LX0Sv36gPqU5hHBzoDlXxXKkQKaTtiE8SdU0eB0tzyrunDUskIOfvebCHw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a10d9b3262de9e76a169d93b1398901995916eb2a1c53e47d72dcdb95443aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:40:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 11:54:07 GMT
server: sffe
age: 154052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33282
x-xss-protection: 0
expires: Wed, 29 Jun 2022 14:40:31 GMT

GET
DATA 200
OK truncated
/ Frame 30C2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb9162e311f1f53293c705c2b31edbac19fa3f4a499286f8996ae6d3e96f67c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 30C2 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 02:47:38 GMT
x-content-type-options: nosniff
age: 24025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 02:47:38 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 30C2 21 KB
21 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 00:51:47 GMT
x-content-type-options: nosniff
age: 30976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 00:51:47 GMT

GET
H2 200 fdb7e0d10bb1713a5d13fb8971712a46
ad.lomadee.com/banners/6126/ Frame BFF0 43 KB
43 KB 424ms
423ms Image
image/jpeg 65.9.77.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.lomadee.com/banners/6126/fdb7e0d10bb1713a5d13fb8971712a46
Requested by: Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76e6fb87cb2bf9702427b01cfa23e890e3bde209a57393d3247ce0686d1ba694

Request headers

Referer: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:05 GMT
via: 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jun 2021 21:51:28 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "d975e0366afe3e001720e6c89dfc57c5"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 43953
x-amz-cf-id: AhedprdoVraI18RXf6pJeBZcs5f_-pOSkNVsgZIp1nGODlhvZeKUzg==

GET analyze.js
statistcdn.com/ Frame BFF0 0
0

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame BFF0 48 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=35923256&dimension=1&width=728&height=90&method=0&advertisers=&tags=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ad.lomadee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6978
date: Thu, 01 Jul 2021 07:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 01 Jul 2021 09:31:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 554E 3 KB
1 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 09:27:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 554E 125 KB
38 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 09:28:04 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 554E 14 KB
6 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 09:22:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 554E 0
0 13ms
13ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxBpx9hpIm1lx0yMArzTvQpFbH0ac_AW5fTQcj5brcGhaoPDzLMZVRNCRg5kz8Qe7C6YpEgmFkFiK8gxZdlAqiP2J5hg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 7812 223 KB
37 KB 14ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17626451119355985920/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 30 Jun 2021 03:45:32 GMT
expires: Thu, 30 Jun 2022 03:45:32 GMT
last-modified: Mon, 03 May 2021 14:21:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 38330
age: 106952
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 554E 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrCbLo4rdYMDNDpiZrAT-to7QC-W2js5i_8r3gfYN2tkeEAEgkaG_E2CVAqABlc_o8QPIAQmpAmGPlhMg4bM-qAMByAMCqgS3AU_QDGlZiC5KOBO5ELyMPplPG60as18SpWJeIRPk-RX8gnu6ZUZ5QHzarcGU1oDZS-SNesMnAw0aBwAKA3iki2d1YVOqZe4sN2rb2JZC6OB50eWl7--CSYD-7Mf5mDFqOnskyWNxztlKgfB6uMSTgjAEYjavk-8GtG5TSUqUaVXraZWLOfy7EflE3xs1ogZMpkBO60ppuFR32x0-dippd9Qqbhuczi-urCJ2YtF_njHMtsNMkPjMgMAE2qyF2MsDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB9Owlw6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ4PgF0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshcaChgIABIUcHViLTM0MzIzNDE5OTcyMTExNjU&sigh=N7x46nOdiBs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 01 Jul 2021 09:28:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A233 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkhlpwaxPNLla_jS0vXCcTJeDwoy6cajbBVJsGpS8y7k8uOyaNDWQtsuMaKx7c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3432341997211165&output=html&h=600&slotname=4618836511&adk=2751928702&adf=4244182132&pi=t.ma~as.4618836511&w=300&fwrn=4&fwrnh=100&lmt=1625131683&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Ftimedopovo.tk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625131683192&bpp=21&bdt=405&idt=21&shv=r20210628&cbv=%2Fr20110914&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4d8446d408bf3-220747ed4ec900d5%3AT%3D1625131683%3ART%3D1625131683%3AS%3DALNI_MbQUZN7o5yEbR3ZxPnzL9705EWQ_A&prev_fmts=0x0%2C1000x280&prev_slotnames=3804470934%2C0023709217&nras=1&correlator=4513150934890&frm=20&pv=1&ga_vid=737633867.1625131683&ga_sid=1625131683&ga_hid=1381309911&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1005&ady=705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060975%2C31061747%2C31061382&oid=3&pvsid=3826242253633630&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=K2QGXhWfaI&p=https%3A//timedopovo.tk&dtd=25

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 01 Jul 2021 08:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 554E 0
20 B 55ms
41ms Other
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICrxaXHwfECFZgMiwodfpsDug&gqi=o4rdYNb2DY_i-gaQgZbADA&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A233
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkhlpwaxPNLla_jS0vXCcTJeDwoy6cajbBVJsGpS8y7k8uOyaNDWQtsuMaKx7c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 09:28:04 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 01-Jul-2021 10:28:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Jul 2021 09:28:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 01 Jul 2021 09:28:04 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 554E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7901b3b85f59d5b011ef015509367a01536c754720d01661ff568882fa86ec9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7812 2 KB
499 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 08:49:52 GMT
server: ESF
date: Thu, 01 Jul 2021 09:28:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jul 2021 09:28:04 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7812 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 08:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Jul 2021 08:10:45 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7812 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Jul 2021 20:19:58 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 7812 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 06:21:47 GMT
x-content-type-options: nosniff
age: 97577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 06:21:47 GMT

GET
H3-29 200 N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/ Frame 7812 17 KB
17 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:52:10 GMT
x-content-type-options: nosniff
age: 167754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17268
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:47:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 10:52:10 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 7812 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 13:10:17 GMT
x-content-type-options: nosniff
age: 159467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:10:17 GMT

GET
H3-29 200 null-leasing-logo-final_white_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 7812 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 127469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Tue, 29 Jun 2021 22:03:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 22:03:35 GMT

GET
H3-29 200 autos_licht_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 7812 6 KB
6 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 111953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5867
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 30 Jun 2021 02:22:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 02:22:11 GMT

GET
H3-29 200 autos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 7812 48 KB
48 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 77705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49113
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 30 Jun 2021 11:52:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 11:52:59 GMT

GET
H3-29 200 hintergrund_plain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame 7812 30 KB
30 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg

Requested by

Host: timedopovo.tk
URL: https://timedopovo.tk/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 91626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30604
x-xss-protection: 0
last-modified: Mon, 03 May 2021 14:21:52 GMT
server: sffe
date: Wed, 30 Jun 2021 08:00:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 08:00:58 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30C2 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEz1poQijLUKQgwh0URxlEnpXi2STfWiW9K6qx1BSVsq3072WE1sQ1kjKuu2uXS48wQdl0ra9btwUvlGxPExHtEKTAmPlvHWXnynrHJHgYhZGBxmTx1urxcHcxtg&sai=AMfl-YT1hGsxo-6hhaejqJqzMSbDL59BQ6sYdJbueTsVLO5f15sWCIr9C0UsRuQy07wLxxf4RbPBseKcfIbM&sig=Cg0ArKJSzEvWJKmvxd1REAE&id=lidar2&mcvt=1000&p=131,308,411,1308&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3290701847&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625131683114&dlt=688&rpt=38&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 554E 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIKoNYwBxZceACrCvk_mzOLYviCeOMAoPSfSdM8LCnHVid_KDjI0CWgyCTEc3i0rMMpXOq6VHxzUKnz7JWbaCBJt4aH_w4bx4nxpkhkhao9ikaf1qYzcN_tPhkI-_1FqqmHDM7Wdbsz_OKa87pNi41&sai=AMfl-YTOWlwi-SqVAhN5lM3yCtPITMxK-4PQtrT_mB6uTHYaPM07_q0OrAk8ValPsjfuJkbJIXditDUHH9vFTTn71An75aWtitgPY69uMlaD2ykN9e1s3jVLt4qRYzw&sig=Cg0ArKJSzIJ9swSGVQZMEAE&cid=CAASF-RohQCvEEf1_ohRCg1fFcBUOzmJSDdH&id=lidar2&mcvt=1000&p=705,1005,1305,1305&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=2&adk=2751928702&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625131683219&dlt=815&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abadmin.css
timedopovo.tk/wp-content/plugins/AutoBlogged/ 13 KB
3 KB 48ms
48ms Stylesheet
text/css 31.22.4.81
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://timedopovo.tk/wp-content/plugins/AutoBlogged/abadmin.css
Requested by: Host: timedopovo.tk
URL: https://timedopovo.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.81 Houghton-Le-Spring, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv46.byethost46.org
Software: nginx /
Resource Hash: ffd839e0426df1587647de26c5713be3f579f9f7f816fdf5353e5ef7644a733c

Request headers

:path: /wp-content/plugins/AutoBlogged/abadmin.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: timedopovo.tk
referer: https://timedopovo.tk/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:29 GMT
content-encoding: br
last-modified: Fri, 06 Apr 2018 00:40:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public, proxy-revalidate
expires: Sat, 31 Jul 2021 09:28:29 GMT

GET
H3-29

200

/
www.facebook.com/login/ Frame 590C
Redirect Chain

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ad0bf32ca25ac%26domain%3Dtimedopovo.tk%26orig...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...

0
0

184ms
184ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad0bf32ca25ac%2526domain%253Dtimedopovo.tk%2526origin%253Dhttps%25253A%25252F%25252Ftimedopovo.tk%25252Ff194fb87c216c3%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dtrue%26height%3D300%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftimedopovonews%253Fref%253Dhl%26locale%3Dpt_BR%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=9853219abf11c358881ef70e4635079d

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad0bf32ca25ac%2526domain%253Dtimedopovo.tk%2526origin%253Dhttps%25253A%25252F%25252Ftimedopovo.tk%25252Ff194fb87c216c3%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dtrue%26height%3D300%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftimedopovonews%253Fref%253Dhl%26locale%3Dpt_BR%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: B1UqA7IXefprL/mmMvxXdf/TEnIDA0Oc2gtv3vmt+ElXkpHfRJtHqnSaWrubaoqd4Z/usUfqSpjwQO9Vr7+5qg==
date: Thu, 01 Jul 2021 09:28:30 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ad0bf32ca25ac%2526domain%253Dtimedopovo.tk%2526origin%253Dhttps%25253A%25252F%25252Ftimedopovo.tk%25252Ff194fb87c216c3%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dtrue%26height%3D300%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ftimedopovonews%253Fref%253Dhl%26locale%3Dpt_BR%26sdk%3Djoey%26show_border%3Dtrue%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: iNmMy2LyEiED8yOErEsDgjVc+rbyGfojBUEpezTXDRJqEYOk7p4Aly93SJDBXFgDPH7cs49fOHCDBVZsg9/nwQ==
content-length: 0
date: Thu, 01 Jul 2021 09:28:30 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 36ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210628&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ed8644630e2b5b375e6a95164c461ae14bad07582bd4855c9beb9b28a84aa0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 09:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 01 Jul 2021 09:28:30 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1307 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 01 Jul 2021 09:27:23 GMT
expires: Fri, 01 Jul 2022 09:27:23 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 67
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03B2 783 B
532 B 16ms
15ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c293b206ecfaa6aa4b1625413620b5509f5af7911513ac0970167f7a25d958bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rjALWl66IkkWGgycn2vTFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timedopovo.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timedopovo.tk/

Response headers

expires: Thu, 01 Jul 2021 09:28:30 GMT
date: Thu, 01 Jul 2021 09:28:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rjALWl66IkkWGgycn2vTFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1307 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 09:08:16 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210628&jk=3826242253633630&bg=!k5ClkNTNAAYo4NJEKOA7ACkAdvg8Ws21BOExI2xqs_U8_VnAjJiZeAiyevYi_mCZrsMTL7mv3k9X3gIAAABBUgAAAAhoAQcKAF28n0M2GGpnd2aJ1m1mu-thnfan4tbCdUocn5HqU9xdzvB4Bw1KFx2Ja-BNAAyIhFH2jdqiDwZltOnQIVK0itKZBz4F4Sz0aGVJN6AtM7f1oDw4dqaZR5W6Je7F0HWZAmOv1oovAVgzdnnwU1co-6DaFmo5dFX8rBO4ACFZCXnzl4gEj1alo0E0B_Q_SMQAV4tNmuiINcMPfePCDPDAfByC1H6BGUn8Nu0c-u8ezQGPOCff5bYlbV0oYrr5OG8WcrUQne_No0FYJ_xepe3wqvNc9WQ189UGj-tUO3qiyocYDJC6kbxuvRl1VakRMRJZPDxb2fpl-7aRY4-sXKoD07mQBgji7MsTC9x2qoIogSZ_Y98XBlCpXO5vCAvR7pKxMnuHuxo88OQYTf54e0VuxJXUZLkcJTZfHcGFGBjJRSqqQmXzGrjpaco1GVU00-YL8hCmdfFbZMT0K-EwZ2iLv9CS8OFe_AQhTe0DYbgPejZVLsKiQCuQ6kblMYWt3wj831dg3DZzKq10oVDECWHew2-VLWEUlNg0G57BYZKiUw-pvPTa7sY5xZDfsZM0WFNozD2U3pJ2eP9_4cC02SBbFLC5pUxxTZsXo-srpE29-eIXOmTkL1vlEHvaeQm0inTkLvN9c9fN6IO6Ub1DutRNN2Q1XKj7OmGvM0yG3nJ_uosrZQet2QLYXNqClEmYJD5nV0pnwtSTF9zK7gIE-RXtV6rFq6kY-LfIJZSkGhQ2SNmspLpMeDOCQLT8DqTKXx2ecXI2oPH47shR0NJEckooui8bgS-2H8klQh6mjJ85P57O2YvTB6XViGNYjUdpVo4t7_Je92Rf_LQV0C5fl-HBt7YXCxoRiHlEUp21y2EbRhwnrcTa5bNO_7vwzavjIp4lzrtVhvaN7nYKExMLI7qf5-C2ABq-BMWRZPW_pZVZfz7E3RamnQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timedopovo.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 09:28:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: http://www.google.com/cse/query_renderer.js

Domain: www.google.com
URL: http://www.google.com/cse/api/partner-pub-3432341997211165/cse/6624308046/queries/js?oe=ISO-8859-1&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render

Domain: www.google.com
URL: http://www.google.com/afsonline/show_afs_search.js

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: www.google.com.br
URL: http://www.google.com.br/coop/cse/brand?form=cse-search-box&lang=pt

Domain: statistcdn.com
URL: https://statistcdn.com/analyze.js?typeId=f

Domain: statistcdn.com
URL: https://statistcdn.com/analyze.js?typeId=f

Domain: statistcdn.com
URL: https://statistcdn.com/analyze.js?typeId=f

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://timedopovo.tk/wp-content/cache/autoptimize/js/autoptimize_64369739fc755262d7d80c591d79ad24.js(Line 12) Message: JQMIGRATE: Migrate is installed with logging active, version 3.3.2
console-api	warning	URL: https://timedopovo.tk/wp-content/cache/autoptimize/js/autoptimize_64369739fc755262d7d80c591d79ad24.js(Line 14) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://timedopovo.tk/wp-content/cache/autoptimize/js/autoptimize_64369739fc755262d7d80c591d79ad24.js(Line 14) Message: console.trace

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lomadee.com
adds.livreuso.tk
adservice.google.com
adservice.google.de
cdn.shortpixel.ai
connect.facebook.net
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
panel.clickwise.net
partner.googleadservices.com
ssl.google-analytics.com
statistcdn.com
timedopovo.tk
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.br
www.googletagservices.com
www.gstatic.com
www.timedopovo.tk
pagead2.googlesyndication.com
statistcdn.com
www.google.com
www.google.com.br
142.250.185.66
178.62.123.45
185.59.220.199
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.22.4.81
31.22.4.94
65.9.77.85
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
05453e4bc29bf102d62f4bc29373c1d1228990689e5bc5dd2f799127e4bf10c4
0a3a7fa763bed9a2db11ef20a393033951f38fd221f113a1a2d2891cd3b2ddfb
0bc45ae1a68c98eaf9e0b6792354927135f20a397277609fc7081599502104a4
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca
1e0b105463e87ccc5220d9aba7dc76cbd4ff9acab31d23f2bfcaaa81f869a702
204e26ceed9d428095faf4121c5049f1e106116971865681001c2298f7cc5689
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9
23f91e8fed1b07720dbb269a526666a72ca20e4af6388c95757f7469229708dd
26c2de650abedd51a53aa45b0a4291a896862c9cbc1a3db734f86942373ff069
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2ef3959264092b72de9339f88c90054eed3c2c83a3e755b058df53ce75310ee7
367ab85e5b8f900d16ab9eefd01e4e0bf1bce3b1f427edac85b88220242a2bcc
424ed09455012f5bcea0f4b2b79eb9f973e4b44ad33773601dd9bc5485badd9e
46f193253bdb1a244670856489ffd6a132edce6bb4e5fb80fbc22df5ae45c42a
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4f2dab5366889ccb09deeff2e8530ddd50234a9ecf94bd021a7b5df566c4ab97
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
504d99fa3b140ec5b29d818ae6d2ab46c7786f6025e610e7c1c74812a9517c2b
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
582d51734a74ebfe38b84dd58fbdcd9db0fb6d9a6be3297e82d1adac5f165ebc
5a02e2246cb69facdac93ae2789f172c7ad079808db6bf62f41af6c6c2857a95
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6145966ff7a1166344c55a349d35ff04361528756d3a3f61ee54b9d342c91614
62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab
646ccb2bc6d5f34ef2196899f1cc72b43cc0df424b166f9cc93c58112c9377bf
64ad2b889e573ea0f48d0c21a22e7dbc47d08ca54dff2091e418e9b4b418be14
6bd760dc672e6d692fd30cca41e3629ab4c67d24fde1d13d2b3d5744fd06f351
6c2fb2328fb570db3bc04dea694fe87b94a42ab4c5d025b335df6203a3c7df04
70026657c87a5132b6a431dff968771873d699737fb63c32af45f5790a1a38c3
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74a14c3c9efff84398be5969f5ed596e76fd40786aa034907d67e2cafbf746d6
76e6fb87cb2bf9702427b01cfa23e890e3bde209a57393d3247ce0686d1ba694
7961fb8e2c56c456004b8621329bcc73e2030785eb88be511bec404c80a659b7
7a16d22a72693b58a9632fbf386f21af19bf876536c855cbb69a4343f0953930
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9186533ba21799e1a451b35581408963a2bd352a157f1b194c0727fb68357558
9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda
969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8
986037628ef2f713282cdf6658e45f2d778e374635e2b7b6ec0f3e2fd9281ba3
99a10d9b3262de9e76a169d93b1398901995916eb2a1c53e47d72dcdb95443aa
9ed8644630e2b5b375e6a95164c461ae14bad07582bd4855c9beb9b28a84aa0b
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a1002be707e49b36154939a19473e7fea49324fba0ddd01ae6d371cf07908e35
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28
a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae
a984aa4dd8ef7b364554086f53750aadfeee7e5eb91194afa2b68eb776d7d090
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acdf89c6903b463e90842a8ca32ac5cf48f4937964f15f06319e4acbd82fb7d3
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
b57245994e1df062a0eb10265547e7d49d7e3007df0c1f409dd34a42e78430e6
b7901b3b85f59d5b011ef015509367a01536c754720d01661ff568882fa86ec9
b8e86c44c2f2cc0f6d192de5b6a94b23e3c60db1117bed35701ae1e7ec6cfe5a
c293b206ecfaa6aa4b1625413620b5509f5af7911513ac0970167f7a25d958bc
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7a0b4b4be7b58ab5b0e0dbfc3cbf6234da12f6f8ce0b5449659e94f1adfb396
c7c551b1377910b03c341ebde9f8c4e02c160d73ead48832efb3f3a3e278c1b1
cbd509669e176f744af1c69d7c339e14127f4be4c59185d6c5ba6fe448fca6f9
cd3600e9be27f74665aba132c024322645a8e61af8dc08072c617386511268bb
ce2c2f487561a1e72f77b2c28bdf121fef04e9c7d3189f5affd499a3a8a77db5
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
dcdf89c03c77ddfecca983f3193527d5ecadb6703589b8cdd0ba77ff0928ef2c
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e984e3d18fdb5dcc9ac6ab02e069d5b78cf22c19681cd064541c49de98c731b2
e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb
eead3bba68edf59824c7b77e6e33e9de969f7f84c40745ca757a10aa97020117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f356c1330b17335df99dda5bb53bfd858ff27b903d555e9edb775b2c08d0b357
f4bdb5a57ada4753aa3225f9ccd5a3afc92e9686a15009ebd6f52c365de3f321
f6f98e3262a2c614e92f60697753f130dad5871c6a9259833445578c6c4558fc
f805d35a83897b0b2be89a14dd7ef81d59a7a4f03c83b6fe63b779e0af52522e
fa5d57aec60fbf8f5704ef438e3790323b2c54c91c18c7241a890a7e3cb00fab
fb9162e311f1f53293c705c2b31edbac19fa3f4a499286f8996ae6d3e96f67c0
fc08809552becc11633f8ae84e133f62f1ee23689f6aa71d532ed5ab3ac3d821
fd5f53c36b1a54176ad71a965a88c0bc1520a1b75511fb81b15414cab9a878d4
ffd839e0426df1587647de26c5713be3f579f9f7f816fdf5353e5ef7644a733c

timedopovo.tk Open in urlscan Pro 31.22.4.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

122 Requests

93 %HTTPS

76 %IPv6

18 Domains

24 Subdomains

25 IPs

3 Countries

1570 kBTransfer

3108 kBSize

0 Cookies

8 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

timedopovo.tk Open in urlscan Pro
31.22.4.81 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

93 %
HTTPS

76 %
IPv6

18
Domains

24
Subdomains

25
IPs

3
Countries

1570 kB
Transfer

3108 kB
Size

0
Cookies

122 HTTP transactions
2 data transactions